- Update from version 2.1.4 to 3.0.3 - Update of rootfile - CVE fix in 3.0.0 - Changelog 3.0.3 1. Fixed an issue in the build system, introduced in 3.0.2, that caused all libjpeg-turbo components to depend on the Visual C++ run-time DLL when built with Visual C++ and CMake 3.15 or later, regardless of value of the `WITH_CRT_DLL` CMake variable. 2. The x86-64 SIMD extensions now include support for Intel Control-flow Enforcement Technology (CET), which is enabled automatically if CET is enabled in the C compiler. 3. Fixed a regression introduced by 3.0 beta2[6] that made it impossible for calling applications to supply custom Huffman tables when generating 12-bit-per-component lossy JPEG images using the libjpeg API. 4. Fixed a segfault that occurred when attempting to use the jpegtran `-drop` option with a specially-crafted malformed input image or drop image (specifically an image in which all of the scans contain fewer components than the number of components specified in the Start Of Frame segment.) 3.0.2 1. Fixed a signed integer overflow in the `tj3CompressFromYUV8()`, `tj3DecodeYUV8()`, `tj3DecompressToYUV8()`, and `tj3EncodeYUV8()` functions, detected by the Clang and GCC undefined behavior sanitizers, that could be triggered by setting the `align` parameter to an unreasonably large value. This issue did not pose a security threat, but removing the warning made it easier to detect actual security issues, should they arise in the future. 2. Introduced a new parameter (`TJPARAM_MAXMEMORY` in the TurboJPEG C API and `TJ.PARAM_MAXMEMORY` in the TurboJPEG Java API) and a corresponding TJBench option (`-maxmemory`) for specifying the maximum amount of memory (in megabytes) that will be allocated for intermediate buffers, which are used with progressive JPEG compression and decompression, optimized baseline entropy coding, lossless JPEG compression, and lossless transformation. The new parameter and option serve the same purpose as the `max_memory_to_use` field in the `jpeg_memory_mgr` struct in the libjpeg API, the `JPEGMEM` environment variable, and the cjpeg/djpeg/jpegtran `-maxmemory` option. 3. Introduced a new parameter (`TJPARAM_MAXPIXELS` in the TurboJPEG C API and `TJ.PARAM_MAXPIXELS` in the TurboJPEG Java API) and a corresponding TJBench option (`-maxpixels`) for specifying the maximum number of pixels that the decompression, lossless transformation, and packed-pixel image loading functions/methods will process. 4. Fixed an error ("Unsupported color conversion request") that occurred when attempting to decompress a 3-component lossless JPEG image without an Adobe APP14 marker. The decompressor now assumes that a 3-component lossless JPEG image without an Adobe APP14 marker uses the RGB colorspace if its component IDs are 1, 2, and 3. 3.0.1 1. The x86-64 SIMD functions now use a standard stack frame, prologue, and epilogue so that debuggers and profilers can reliably capture backtraces from within the functions. 2. Fixed two minor issues in the interblock smoothing algorithm that caused mathematical (but not necessarily perceptible) edge block errors when decompressing progressive JPEG images exactly two MCU blocks in width or that use vertical chrominance subsampling. 3. Fixed a regression introduced by 3.0 beta2[6] that, in rare cases, caused the C Huffman encoder (which is not used by default on x86 and Arm CPUs) to generate incorrect results if the Neon SIMD extensions were explicitly disabled at build time (by setting the `WITH_SIMD` CMake variable to `0`) in an AArch64 build of libjpeg-turbo. 3.0.0 1. The TurboJPEG API now supports 4:4:1 (transposed 4:1:1) chrominance subsampling, which allows losslessly transposed or rotated 4:1:1 JPEG images to be losslessly cropped, partially decompressed, or decompressed to planar YUV images. 2. Fixed various segfaults and buffer overruns (CVE-2023-2804) that occurred when attempting to decompress various specially-crafted malformed 12-bit-per-component and 16-bit-per-component lossless JPEG images using color quantization or merged chroma upsampling/color conversion. The underlying cause of these issues was that the color quantization and merged chroma upsampling/color conversion algorithms were not designed with lossless decompression in mind. Since libjpeg-turbo explicitly does not support color conversion when compressing or decompressing lossless JPEG images, merged chroma upsampling/color conversion never should have been enabled for such images. Color quantization is a legacy feature that serves little or no purpose with lossless JPEG images, so it is also now disabled when decompressing such images. (As a result, djpeg can no longer decompress a lossless JPEG image into a GIF image.) 3. Fixed an oversight in 1.4 beta1[8] that caused various segfaults and buffer overruns when attempting to decompress various specially-crafted malformed 12-bit-per-component JPEG images using djpeg with both color quantization and RGB565 color conversion enabled. 4. Fixed an issue whereby `jpeg_crop_scanline()` sometimes miscalculated the downsampled width for components with 4x2 or 2x4 subsampling factors if decompression scaling was enabled. This caused the components to be upsampled incompletely, which caused the color converter to read from uninitialized memory. With 12-bit data precision, this caused a buffer overrun or underrun and subsequent segfault if the sample value read from uninitialized memory was outside of the valid sample range. 5. Fixed a long-standing issue whereby the `tj3Transform()` function, when used with the `TJXOP_TRANSPOSE`, `TJXOP_TRANSVERSE`, `TJXOP_ROT90`, or `TJXOP_ROT270` transform operation and without automatic JPEG destination buffer (re)allocation or lossless cropping, computed the worst-case transformed JPEG image size based on the source image dimensions rather than the transformed image dimensions. If a calling program allocated the JPEG destination buffer based on the transformed image dimensions, as the API documentation instructs, and attempted to transform a specially-crafted 4:2:2, 4:4:0, 4:1:1, or 4:4:1 JPEG source image containing a large amount of metadata, the issue caused `tj3Transform()` to overflow the JPEG destination buffer rather than fail gracefully. The issue could be worked around by setting `TJXOPT_COPYNONE`. Note that, irrespective of this issue, `tj3Transform()` cannot reliably transform JPEG source images that contain a large amount of metadata unless automatic JPEG destination buffer (re)allocation is used or `TJXOPT_COPYNONE` is set. 6. Fixed a regression introduced by 3.0 beta2[6] that prevented the djpeg `-map` option from working when decompressing 12-bit-per-component lossy JPEG images. 7. Fixed an issue that caused the C Huffman encoder (which is not used by default on x86 and Arm CPUs) to read from uninitialized memory when attempting to transform a specially-crafted malformed arithmetic-coded JPEG source image into a baseline Huffman-coded JPEG destination image. 2.1.91 1. Significantly sped up the computation of optimal Huffman tables. This speeds up the compression of tiny images by as much as 2x and provides a noticeable speedup for images as large as 256x256 when using optimal Huffman tables. 2. All deprecated fields, constructors, and methods in the TurboJPEG Java API have been removed. 3. Arithmetic entropy coding is now supported with 12-bit-per-component JPEG images. 4. Overhauled the TurboJPEG API to address long-standing limitations and to make the API more extensible and intuitive: - All C function names are now prefixed with `tj3`, and all version suffixes have been removed from the function names. Future API overhauls will increment the prefix to `tj4`, etc., thus retaining backward API/ABI compatibility without versioning each individual function. - Stateless boolean flags have been replaced with stateful integer API parameters, the values of which persist between function calls. New functions/methods (`tj3Set()`/`TJCompressor.set()`/`TJDecompressor.set()` and `tj3Get()`/`TJCompressor.get()`/`TJDecompressor.get()`) can be used to set and query the value of a particular API parameter. - The JPEG quality and subsampling are now implemented using API parameters rather than stateless function arguments (C) or dedicated set/get methods (Java.) - `tj3DecompressHeader()` now stores all relevant information about the JPEG image, including the width, height, subsampling type, entropy coding algorithm, etc., in API parameters rather than returning that information through pointer arguments. - `TJFLAG_LIMITSCANS`/`TJ.FLAG_LIMITSCANS` has been reimplemented as an API parameter (`TJPARAM_SCANLIMIT`/`TJ.PARAM_SCANLIMIT`) that allows the number of scans to be specified. - Optimized baseline entropy coding (the computation of optimal Huffman tables, as opposed to using the default Huffman tables) can now be specified, using a new API parameter (`TJPARAM_OPTIMIZE`/`TJ.PARAM_OPTIMIZE`), a new transform option (`TJXOPT_OPTIMIZE`/`TJTransform.OPT_OPTIMIZE`), and a new TJBench option (`-optimize`.) - Arithmetic entropy coding can now be specified or queried, using a new API parameter (`TJPARAM_ARITHMETIC`/`TJ.PARAM_ARITHMETIC`), a new transform option (`TJXOPT_ARITHMETIC`/`TJTransform.OPT_ARITHMETIC`), and a new TJBench option (`-arithmetic`.) - The restart marker interval can now be specified, using new API parameters (`TJPARAM_RESTARTROWS`/`TJ.PARAM_RESTARTROWS` and `TJPARAM_RESTARTBLOCKS`/`TJ.PARAM_RESTARTBLOCKS`) and a new TJBench option (`-restart`.) - Pixel density can now be specified or queried, using new API parameters (`TJPARAM_XDENSITY`/`TJ.PARAM_XDENSITY`, `TJPARAM_YDENSITY`/`TJ.PARAM_YDENSITY`, and `TJPARAM_DENSITYUNITS`/`TJ.PARAM_DENSITYUNITS`.) - The accurate DCT/IDCT algorithms are now the default for both compression and decompression, since the "fast" algorithms are considered to be a legacy feature. (The "fast" algorithms do not pass the ISO compliance tests, and those algorithms are not any faster than the accurate algorithms on modern x86 CPUs.) - All C initialization functions have been combined into a single function (`tj3Init()`) that accepts an integer argument specifying the subsystems to initialize. - All C functions now use the `const` keyword for pointer arguments that point to unmodified buffers (and for both dimensions of pointer arguments that point to sets of unmodified buffers.) - All C functions now use `size_t` rather than `unsigned long` to represent buffer sizes, for compatibility with `malloc()` and to avoid disparities in the size of `unsigned long` between LP64 (Un*x) and LLP64 (Windows) operating systems. - All C buffer size functions now return 0 if an error occurs, rather than trying to awkwardly return -1 in an unsigned data type (which could easily be misinterpreted as a very large value.) - Decompression scaling is now enabled explicitly, using a new function/method (`tj3SetScalingFactor()`/`TJDecompressor.setScalingFactor()`), rather than implicitly using awkward "desired width"/"desired height" arguments. - Partial image decompression has been implemented, using a new function/method (`tj3SetCroppingRegion()`/`TJDecompressor.setCroppingRegion()`) and a new TJBench option (`-crop`.) - The JPEG colorspace can now be specified explicitly when compressing, using a new API parameter (`TJPARAM_COLORSPACE`/`TJ.PARAM_COLORSPACE`.) This allows JPEG images with the RGB and CMYK colorspaces to be created. - TJBench no longer generates error/difference images, since identical functionality is already available in ImageMagick. - JPEG images with unknown subsampling configurations can now be fully decompressed into packed-pixel images or losslessly transformed (with the exception of lossless cropping.) They cannot currently be partially decompressed or decompressed into planar YUV images. - `tj3Destroy()` now silently accepts a NULL handle. - `tj3Alloc()` and `tj3Free()` now return/accept void pointers, as `malloc()` and `free()` do. - The C image I/O functions now accept a TurboJPEG instance handle, which is used to transmit/receive API parameter values and to receive error information. 5. Added support for 8-bit-per-component, 12-bit-per-component, and 16-bit-per-component lossless JPEG images. A new libjpeg API function (`jpeg_enable_lossless()`), TurboJPEG API parameters (`TJPARAM_LOSSLESS`/`TJ.PARAM_LOSSLESS`, `TJPARAM_LOSSLESSPSV`/`TJ.PARAM_LOSSLESSPSV`, and `TJPARAM_LOSSLESSPT`/`TJ.PARAM_LOSSLESSPT`), and a cjpeg/TJBench option (`-lossless`) can be used to create a lossless JPEG image. (Decompression of lossless JPEG images is handled automatically.) Refer to [libjpeg.txt](libjpeg.txt), [usage.txt](usage.txt), and the TurboJPEG API documentation for more details. 6. Added support for 12-bit-per-component (lossy and lossless) and 16-bit-per-component (lossless) JPEG images to the libjpeg and TurboJPEG APIs: - The existing `data_precision` field in `jpeg_compress_struct` and `jpeg_decompress_struct` has been repurposed to enable the creation of 12-bit-per-component and 16-bit-per-component JPEG images or to detect whether a 12-bit-per-component or 16-bit-per-component JPEG image is being decompressed. - New 12-bit-per-component and 16-bit-per-component versions of `jpeg_write_scanlines()` and `jpeg_read_scanlines()`, as well as new 12-bit-per-component versions of `jpeg_write_raw_data()`, `jpeg_skip_scanlines()`, `jpeg_crop_scanline()`, and `jpeg_read_raw_data()`, provide interfaces for compressing from/decompressing to 12-bit-per-component and 16-bit-per-component packed-pixel and planar YUV image buffers. - New 12-bit-per-component and 16-bit-per-component compression, decompression, and image I/O functions/methods have been added to the TurboJPEG API, and a new API parameter (`TJPARAM_PRECISION`/`TJ.PARAM_PRECISION`) can be used to query the data precision of a JPEG image. (YUV functions are currently limited to 8-bit data precision but can be expanded to accommodate 12-bit data precision in the future, if such is deemed beneficial.) - A new cjpeg and TJBench command-line argument (`-precision`) can be used to create a 12-bit-per-component or 16-bit-per-component JPEG image. (Decompression and transformation of 12-bit-per-component and 16-bit-per-component JPEG images is handled automatically.) 2.1.5.1 1. The SIMD dispatchers in libjpeg-turbo 2.1.4 and prior stored the list of supported SIMD instruction sets in a global variable, which caused an innocuous race condition whereby the variable could have been initialized multiple times if `jpeg_start_*compress()` was called simultaneously in multiple threads. libjpeg-turbo 2.1.5 included an undocumented attempt to fix this race condition by making the SIMD support variable thread-local. However, that caused another issue whereby, if `jpeg_start_*compress()` was called in one thread and `jpeg_read_*()` or `jpeg_write_*()` was called in a second thread, the SIMD support variable was never initialized in the second thread. On x86 systems, this led the second thread to incorrectly assume that AVX2 instructions were always available, and when it attempted to use those instructions on older x86 CPUs that do not support them, an illegal instruction error occurred. The SIMD dispatchers now ensure that the SIMD support variable is initialized before dispatching based on its value. 2.1.5 1. Fixed issues in the build system whereby, when using the Ninja Multi-Config CMake generator, a static build of libjpeg-turbo (a build in which `ENABLE_SHARED` is `0`) could not be installed, a Windows installer could not be built, and the Java regression tests failed. 2. Fixed a regression introduced by 2.0 beta1[15] that caused a buffer overrun in the progressive Huffman encoder when attempting to transform a specially-crafted malformed 12-bit-per-component JPEG image into a progressive 12-bit-per-component JPEG image using a 12-bit-per-component build of libjpeg-turbo (`-DWITH_12BIT=1`.) Given that the buffer overrun was fully contained within the progressive Huffman encoder structure and did not cause a segfault or other user-visible errant behavior, given that the lossless transformer (unlike the decompressor) is not generally exposed to arbitrary data exploits, and given that 12-bit-per-component builds of libjpeg-turbo are uncommon, this issue did not likely pose a security risk. 3. Fixed an issue whereby, when using a 12-bit-per-component build of libjpeg-turbo (`-DWITH_12BIT=1`), passing samples with values greater than 4095 or less than 0 to `jpeg_write_scanlines()` caused a buffer overrun or underrun in the RGB-to-YCbCr color converter. 4. Fixed a floating point exception that occurred when attempting to use the jpegtran `-drop` and `-trim` options to losslessly transform a specially-crafted malformed JPEG image. 5. Fixed an issue in `tjBufSizeYUV2()` whereby it returned a bogus result, rather than throwing an error, if the `align` parameter was not a power of 2. Fixed a similar issue in `tjCompressFromYUV()` whereby it generated a corrupt JPEG image in certain cases, rather than throwing an error, if the `align` parameter was not a power of 2. 6. Fixed an issue whereby `tjDecompressToYUV2()`, which is a wrapper for `tjDecompressToYUVPlanes()`, used the desired YUV image dimensions rather than the actual scaled image dimensions when computing the plane pointers and strides to pass to `tjDecompressToYUVPlanes()`. This caused a buffer overrun and subsequent segfault if the desired image dimensions exceeded the scaled image dimensions. 7. Fixed an issue whereby, when decompressing a 12-bit-per-component JPEG image (`-DWITH_12BIT=1`) using an alpha-enabled output color space such as `JCS_EXT_RGBA`, the alpha channel was set to 255 rather than 4095. 8. Fixed an issue whereby the Java version of TJBench did not accept a range of quality values. 9. Fixed an issue whereby, when `-progressive` was passed to TJBench, the JPEG input image was not transformed into a progressive JPEG image prior to decompression.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/libjpeg | 6 +++--- lfs/libjpeg | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/config/rootfiles/common/libjpeg b/config/rootfiles/common/libjpeg index 74c101854..740df676a 100644 --- a/config/rootfiles/common/libjpeg +++ b/config/rootfiles/common/libjpeg @@ -16,17 +16,17 @@ #usr/lib/cmake/libjpeg-turbo/libjpeg-turboTargets.cmake #usr/lib/libjpeg.so usr/lib/libjpeg.so.8 -usr/lib/libjpeg.so.8.2.2 +usr/lib/libjpeg.so.8.3.2 #usr/lib/libturbojpeg.so usr/lib/libturbojpeg.so.0 -usr/lib/libturbojpeg.so.0.2.0 +usr/lib/libturbojpeg.so.0.3.0 #usr/lib/pkgconfig/libjpeg.pc #usr/lib/pkgconfig/libturbojpeg.pc #usr/share/doc/libjpeg-turbo #usr/share/doc/libjpeg-turbo/LICENSE.md #usr/share/doc/libjpeg-turbo/README.ijg #usr/share/doc/libjpeg-turbo/README.md -#usr/share/doc/libjpeg-turbo/example.txt +#usr/share/doc/libjpeg-turbo/example.c #usr/share/doc/libjpeg-turbo/libjpeg.txt #usr/share/doc/libjpeg-turbo/structure.txt #usr/share/doc/libjpeg-turbo/tjexample.c diff --git a/lfs/libjpeg b/lfs/libjpeg index b9c9d3cd8..311ce4bc9 100644 --- a/lfs/libjpeg +++ b/lfs/libjpeg @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2024 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.1.4 +VER = 3.0.3
THISAPP = libjpeg-turbo-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 80ffd77d58a37eae0bdc1868d994f34ea52c13e2624c720b1d0b6ec4d6d14b16911163ccd4009c8d6eda214f31e1fff78bb7eb4739ae6589d0fd8c7008c0e972 +$(DL_FILE)_BLAKE2 = 9d141dadd0dce970bf857b51352c57a8e15180438abd7d6d66f9dfd24e23889add8c6c89120b84026e40ab61611516b0567984bd1db37e9c45b41917cf32e9a6
install : $(TARGET)